{"id":"CVE-2023-3161","details":"A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font-\u003ewidth and font-\u003eheight greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.","modified":"2026-03-15T14:11:28.140363Z","published":"2023-06-12T20:15:12.910Z","related":["ALSA-2023:7077","SUSE-SU-2023:2646-1","SUSE-SU-2023:2782-1","SUSE-SU-2023:2804-1","SUSE-SU-2023:2805-1","SUSE-SU-2023:2808-1","SUSE-SU-2023:2809-1","SUSE-SU-2023:2810-1","SUSE-SU-2023:2820-1","SUSE-SU-2023:2822-1","SUSE-SU-2023:2830-1","SUSE-SU-2023:2831-1","SUSE-SU-2023:2834-1","SUSE-SU-2023:2859-1","SUSE-SU-2023:2871-1","SUSE-SU-2023:3333-1"],"references":[{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2213485"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"6.2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc6"}]},{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3161.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}